| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/webcrypto/algorithms/ec.h" | 5 #include "components/webcrypto/algorithms/ec.h" |
| 6 | 6 |
| 7 #include <openssl/ec.h> | 7 #include <openssl/ec.h> |
| 8 #include <openssl/ec_key.h> | 8 #include <openssl/ec_key.h> |
| 9 #include <openssl/evp.h> | 9 #include <openssl/evp.h> |
| 10 #include <openssl/pkcs12.h> | 10 #include <openssl/pkcs12.h> |
| 11 #include <stddef.h> | 11 #include <stddef.h> |
| 12 #include <utility> |
| 12 | 13 |
| 13 #include "base/logging.h" | 14 #include "base/logging.h" |
| 14 #include "base/macros.h" | 15 #include "base/macros.h" |
| 15 #include "components/webcrypto/algorithms/asymmetric_key_util.h" | 16 #include "components/webcrypto/algorithms/asymmetric_key_util.h" |
| 16 #include "components/webcrypto/algorithms/util.h" | 17 #include "components/webcrypto/algorithms/util.h" |
| 17 #include "components/webcrypto/blink_key_handle.h" | 18 #include "components/webcrypto/blink_key_handle.h" |
| 18 #include "components/webcrypto/crypto_data.h" | 19 #include "components/webcrypto/crypto_data.h" |
| 19 #include "components/webcrypto/generate_key_result.h" | 20 #include "components/webcrypto/generate_key_result.h" |
| 20 #include "components/webcrypto/jwk.h" | 21 #include "components/webcrypto/jwk.h" |
| 21 #include "components/webcrypto/status.h" | 22 #include "components/webcrypto/status.h" |
| (...skipping 247 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 269 | 270 |
| 270 blink::WebCryptoKey public_key; | 271 blink::WebCryptoKey public_key; |
| 271 blink::WebCryptoKey private_key; | 272 blink::WebCryptoKey private_key; |
| 272 | 273 |
| 273 blink::WebCryptoKeyAlgorithm key_algorithm = | 274 blink::WebCryptoKeyAlgorithm key_algorithm = |
| 274 blink::WebCryptoKeyAlgorithm::createEc(algorithm.id(), | 275 blink::WebCryptoKeyAlgorithm::createEc(algorithm.id(), |
| 275 params->namedCurve()); | 276 params->namedCurve()); |
| 276 | 277 |
| 277 // Note that extractable is unconditionally set to true. This is because per | 278 // Note that extractable is unconditionally set to true. This is because per |
| 278 // the WebCrypto spec generated public keys are always extractable. | 279 // the WebCrypto spec generated public keys are always extractable. |
| 279 status = CreateWebCryptoPublicKey(public_pkey.Pass(), key_algorithm, true, | 280 status = CreateWebCryptoPublicKey(std::move(public_pkey), key_algorithm, true, |
| 280 public_usages, &public_key); | 281 public_usages, &public_key); |
| 281 if (status.IsError()) | 282 if (status.IsError()) |
| 282 return status; | 283 return status; |
| 283 | 284 |
| 284 status = CreateWebCryptoPrivateKey(private_pkey.Pass(), key_algorithm, | 285 status = CreateWebCryptoPrivateKey(std::move(private_pkey), key_algorithm, |
| 285 extractable, private_usages, &private_key); | 286 extractable, private_usages, &private_key); |
| 286 if (status.IsError()) | 287 if (status.IsError()) |
| 287 return status; | 288 return status; |
| 288 | 289 |
| 289 result->AssignKeyPair(public_key, private_key); | 290 result->AssignKeyPair(public_key, private_key); |
| 290 return Status::Success(); | 291 return Status::Success(); |
| 291 } | 292 } |
| 292 | 293 |
| 293 Status EcAlgorithm::VerifyKeyUsagesBeforeImportKey( | 294 Status EcAlgorithm::VerifyKeyUsagesBeforeImportKey( |
| 294 blink::WebCryptoKeyFormat format, | 295 blink::WebCryptoKeyFormat format, |
| (...skipping 14 matching lines...) Expand all Loading... |
| 309 return status; | 310 return status; |
| 310 | 311 |
| 311 const blink::WebCryptoEcKeyImportParams* params = | 312 const blink::WebCryptoEcKeyImportParams* params = |
| 312 algorithm.ecKeyImportParams(); | 313 algorithm.ecKeyImportParams(); |
| 313 | 314 |
| 314 status = VerifyEcKeyAfterSpkiOrPkcs8Import(private_key.get(), | 315 status = VerifyEcKeyAfterSpkiOrPkcs8Import(private_key.get(), |
| 315 params->namedCurve()); | 316 params->namedCurve()); |
| 316 if (status.IsError()) | 317 if (status.IsError()) |
| 317 return status; | 318 return status; |
| 318 | 319 |
| 319 return CreateWebCryptoPrivateKey(private_key.Pass(), | 320 return CreateWebCryptoPrivateKey(std::move(private_key), |
| 320 blink::WebCryptoKeyAlgorithm::createEc( | 321 blink::WebCryptoKeyAlgorithm::createEc( |
| 321 algorithm.id(), params->namedCurve()), | 322 algorithm.id(), params->namedCurve()), |
| 322 extractable, usages, key); | 323 extractable, usages, key); |
| 323 } | 324 } |
| 324 | 325 |
| 325 Status EcAlgorithm::ImportKeySpki(const CryptoData& key_data, | 326 Status EcAlgorithm::ImportKeySpki(const CryptoData& key_data, |
| 326 const blink::WebCryptoAlgorithm& algorithm, | 327 const blink::WebCryptoAlgorithm& algorithm, |
| 327 bool extractable, | 328 bool extractable, |
| 328 blink::WebCryptoKeyUsageMask usages, | 329 blink::WebCryptoKeyUsageMask usages, |
| 329 blink::WebCryptoKey* key) const { | 330 blink::WebCryptoKey* key) const { |
| 330 crypto::ScopedEVP_PKEY public_key; | 331 crypto::ScopedEVP_PKEY public_key; |
| 331 Status status = | 332 Status status = |
| 332 ImportUnverifiedPkeyFromSpki(key_data, EVP_PKEY_EC, &public_key); | 333 ImportUnverifiedPkeyFromSpki(key_data, EVP_PKEY_EC, &public_key); |
| 333 if (status.IsError()) | 334 if (status.IsError()) |
| 334 return status; | 335 return status; |
| 335 | 336 |
| 336 const blink::WebCryptoEcKeyImportParams* params = | 337 const blink::WebCryptoEcKeyImportParams* params = |
| 337 algorithm.ecKeyImportParams(); | 338 algorithm.ecKeyImportParams(); |
| 338 | 339 |
| 339 status = | 340 status = |
| 340 VerifyEcKeyAfterSpkiOrPkcs8Import(public_key.get(), params->namedCurve()); | 341 VerifyEcKeyAfterSpkiOrPkcs8Import(public_key.get(), params->namedCurve()); |
| 341 if (status.IsError()) | 342 if (status.IsError()) |
| 342 return status; | 343 return status; |
| 343 | 344 |
| 344 return CreateWebCryptoPublicKey(public_key.Pass(), | 345 return CreateWebCryptoPublicKey(std::move(public_key), |
| 345 blink::WebCryptoKeyAlgorithm::createEc( | 346 blink::WebCryptoKeyAlgorithm::createEc( |
| 346 algorithm.id(), params->namedCurve()), | 347 algorithm.id(), params->namedCurve()), |
| 347 extractable, usages, key); | 348 extractable, usages, key); |
| 348 } | 349 } |
| 349 | 350 |
| 350 // The format for JWK EC keys is given by: | 351 // The format for JWK EC keys is given by: |
| 351 // https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-36#section-6.
2 | 352 // https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-36#section-6.
2 |
| 352 Status EcAlgorithm::ImportKeyJwk(const CryptoData& key_data, | 353 Status EcAlgorithm::ImportKeyJwk(const CryptoData& key_data, |
| 353 const blink::WebCryptoAlgorithm& algorithm, | 354 const blink::WebCryptoAlgorithm& algorithm, |
| 354 bool extractable, | 355 bool extractable, |
| (...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 441 crypto::ScopedEVP_PKEY pkey(EVP_PKEY_new()); | 442 crypto::ScopedEVP_PKEY pkey(EVP_PKEY_new()); |
| 442 if (!pkey || !EVP_PKEY_set1_EC_KEY(pkey.get(), ec.get())) | 443 if (!pkey || !EVP_PKEY_set1_EC_KEY(pkey.get(), ec.get())) |
| 443 return Status::OperationError(); | 444 return Status::OperationError(); |
| 444 | 445 |
| 445 blink::WebCryptoKeyAlgorithm key_algorithm = | 446 blink::WebCryptoKeyAlgorithm key_algorithm = |
| 446 blink::WebCryptoKeyAlgorithm::createEc(algorithm.id(), | 447 blink::WebCryptoKeyAlgorithm::createEc(algorithm.id(), |
| 447 params->namedCurve()); | 448 params->namedCurve()); |
| 448 | 449 |
| 449 // Wrap the EVP_PKEY into a WebCryptoKey | 450 // Wrap the EVP_PKEY into a WebCryptoKey |
| 450 if (is_private_key) { | 451 if (is_private_key) { |
| 451 return CreateWebCryptoPrivateKey(pkey.Pass(), key_algorithm, extractable, | 452 return CreateWebCryptoPrivateKey(std::move(pkey), key_algorithm, |
| 452 usages, key); | 453 extractable, usages, key); |
| 453 } | 454 } |
| 454 return CreateWebCryptoPublicKey(pkey.Pass(), key_algorithm, extractable, | 455 return CreateWebCryptoPublicKey(std::move(pkey), key_algorithm, extractable, |
| 455 usages, key); | 456 usages, key); |
| 456 } | 457 } |
| 457 | 458 |
| 458 Status EcAlgorithm::ExportKeyPkcs8(const blink::WebCryptoKey& key, | 459 Status EcAlgorithm::ExportKeyPkcs8(const blink::WebCryptoKey& key, |
| 459 std::vector<uint8_t>* buffer) const { | 460 std::vector<uint8_t>* buffer) const { |
| 460 if (key.type() != blink::WebCryptoKeyTypePrivate) | 461 if (key.type() != blink::WebCryptoKeyTypePrivate) |
| 461 return Status::ErrorUnexpectedKeyType(); | 462 return Status::ErrorUnexpectedKeyType(); |
| 462 // This relies on the fact that PKCS8 formatted data was already | 463 // This relies on the fact that PKCS8 formatted data was already |
| 463 // associated with the key during its creation (used by | 464 // associated with the key during its creation (used by |
| 464 // structured clone). | 465 // structured clone). |
| (...skipping 103 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 568 | 569 |
| 569 if (algorithm.ecParams()->namedCurve() != | 570 if (algorithm.ecParams()->namedCurve() != |
| 570 key->algorithm().ecParams()->namedCurve()) { | 571 key->algorithm().ecParams()->namedCurve()) { |
| 571 return Status::ErrorUnexpected(); | 572 return Status::ErrorUnexpected(); |
| 572 } | 573 } |
| 573 | 574 |
| 574 return Status::Success(); | 575 return Status::Success(); |
| 575 } | 576 } |
| 576 | 577 |
| 577 } // namespace webcrypto | 578 } // namespace webcrypto |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1548203002:
Convert Pass()→std::move() in //components/[n-z]* (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master